| 💼 1.1 Organization Resource | 4 | | 4 | | no data |
|  💼 1.1.1 Ensure Super Admin Email Address Is Not Tied To A Single User - Level 1 (Manual) | | | 1 | | no data |
|  💼 1.1.2 Ensure Super Admin Account Is Not Used For Google Cloud Administration - Level 1 (Manual) | | | 1 | | no data |
|  💼 1.1.3 Ensure Folders Are Structured By Environment And Sensitivity - Level 2 (Manual) | | | 1 | | no data |
|  💼 1.1.4 Ensure Organization Policies Are Configured For Centralized Constraints - Level 2 (Manual) | | | 1 | | no data |
| 💼 1.2 Ensure that Corporate Login Credentials are Used - Level 1 (Manual) | | | 1 | | no data |
| 💼 1.3 Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service Accounts - Level 1 (Manual) | | | 1 | | no data |
| 💼 1.4 Ensure that Security Key Enforcement is Enabled for All Admin Accounts - Level 2 (Manual) | | | 1 | | no data |
| 💼 1.5 Ensure That There Are Only GCP-Managed Service Account Keys for Each Service Account - Level 1 (Automated) | | | 1 | | no data |
| 💼 1.6 Ensure That Service Account Has No Admin Privileges - Level 1 (Automated) | | | 1 | | no data |
| 💼 1.7 Ensure That IAM Users Are Not Assigned the Service Account User or Service Account Token Creator Roles at Project Level - Level 1 (Automated) | | | 1 | | no data |
| 💼 1.8 Ensure User-Managed/External Keys for Service Accounts Are Rotated Every 90 Days or Fewer - Level 1 (Automated) | | | 1 | | no data |
| 💼 1.9 Ensure That Separation of Duties Is Enforced While Assigning Service Account Related Roles to Users - Level 2 (Automated) | | | 1 | | no data |
| 💼 1.10 Ensure That Cloud KMS Cryptokeys Are Not Anonymously or Publicly Accessible - Level 1 (Automated) | | | 1 | | no data |
| 💼 1.11 Ensure KMS Encryption Keys Are Rotated Within a Period of 90 Days - Level 1 (Automated) | | | 1 | | no data |
| 💼 1.12 Ensure That Separation of Duties Is Enforced While Assigning KMS Related Roles to Users - Level 2 (Automated) | | | 1 | | no data |
| 💼 1.13 Ensure API Keys Only Exist for Active Services - Level 2 (Automated) | | | 1 | | no data |
| 💼 1.14 Ensure API Keys Are Restricted To Use by Only Specified Hosts and Apps - Level 2 (Manual) | | | 1 | | no data |
| 💼 1.15 Ensure API Keys Are Restricted to Only APIs That Application Needs Access - Level 2 (Automated) | | | 1 | | no data |
| 💼 1.16 Ensure API Keys Are Rotated Every 90 Days - Level 2 (Automated) | | | 1 | | no data |
| 💼 1.17 Ensure Essential Contacts is Configured for Organization - Level 1 (Automated) | | | 1 | | no data |
| 💼 1.18 Ensure Secrets are Not Stored in Cloud Functions Environment Variables by Using Secret Manager - Level 1 (Manual) | | | 1 | | no data |